Something we repeat quite a lot to our readers is just how important it is to create a secure passcode for your iPhone. We recommend creating a custom password up to the maximum password length of 37 alpha-numeric characters.

But what a lot of people are wondering is – can someone hack your iPhone passcode?

The simple answer to this question is – If you have a fully updated, newer iPhone then there is no publicly known way for someone to hack or brute force an iPhone passcode.

This highlights why it’s important to ensure that you keep your phone updated as regularly as possible.

The slightly more complicated answer is – in theory, it can be done in some circumstances, but it’s extremely unlikely. Here are a few examples of passcode hacking and brute forcing in the past few years to give you an idea of what is/has been possible:

  1. In 2016, a company called Elcomsoft had a product that could hack the passcode on iPhone 4 (or earlier) models. So for most people, this isn’t going to be a problem.
  2. There is a product called ‘GrayKey’ by GrayShift. This is a device that plugs into an iOS device and can crack the passcode. This takes a matter of hours (for 4-digit passcodes) , a few days (for 6-digit codes) or longer for more complicated passcodes. However, it also only works on devices running iOS 11 or older. Another reason to keep your phone updated.
  3. In 2019, an Israeli company called Cellebrite issued a public announcement stating that they could hack the passcode on any iOS device up to iOS version 12.3. They claimed their main purpose was for use with law enforcement needing access to a suspect’s data.
  4. In December 2019 a new iOS vulnerability was discovered called checkm8. This exploit potentially allows a hacker to jailbreak a device without needing to know the passcode and access small amounts of data on the device, including keychain data such as account passwords and usernames.

Whilst this attack can be used to retrieve some data from a locked iPhone, when the passcode is unknown to the hacker, it will not be able to crack the passcode and allow the hacker to unlock the phone. This vulnerability only affects devices with an A11 chip or older (that means iPhone XS and newer devices are not affected).

How to ensure your iOS passcode doesn’t get hacked

As we mentioned at the beginning of this post, the best way to protect your iPhone passcode from being hacked is to create a passcode that is complex enough so that it won’t be easily guessed.

Other than that, here are a few more steps to follow:

  • Be careful who’s looking over your shoulder when you type in your passcode – this is the number one way that people try to find out your passcode before attempting to get access to your phone at a later point in time.
  • Don’t use an obvious passcode. That means no birthdays, anniversaries, sequential numbers. Choose a passcode that won’t be easily guessed by a third-party. It might even be a good idea to use a random number generator – as long as you can remember the password.
  • Use TouchID or FaceID. This can for the most part reduce the need to input your passcode and limit the risk of someone else viewing your code.
  • Scan your iPhone with Certo AntiSpy. Our anti-spyware software helps you to detect whenever spyware is installed onto your device. If someone has discovered your passcode and hacked your iPhone, the sooner you can find out, the better.

So, overall you are generally pretty safe from having your passcode hacked so long as you stick to the basic advice we’ve given here, make sure that you don’t give out your passcode, and don’t choose something easy to guess.

On top of that, please make sure your iPhone is always updated. It’s a very simple process and takes little more than a few minutes. Apple are generally good at patching vulnerabilities in security updates to help their users stay as protected as possible.